View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 17, 2013

Android malware that steals texts revealed

FireEye discovered 64 mobile botnet campaigns corresponding to the MisoSMS malware family.

By CBR Staff Writer

Security researchers have exposed a piece of Android malware that steals text messages.

FireEye uncovered the ‘MisoSMS’ botnet, which is claimed to be one of the largest, advanced of its kind so far.

According to the security firm, the botnet steals texts by disguising itself as an Android settings application used for administrative tasks.

It then sends the texts to a command-and-control (CnC) infrastructure hosted in China.

FireEye also discovered 64 mobile botnet campaigns corresponding to the MisoSMS malware family, with each of them leveraging web mail as its CnC infrastructure.

"Once MisoService is initiated, it checks whether the phone is connected to the internet and the cellular network," the security firm said.

"If so, it sends a byte array formed by the request data structure shown above.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

"It then makes a copy of data from the request structure into the replay structure and sends the byte array of the request structure via SMS.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.